We all get emails that look genuine and appear to come up from firms like ebay, Paypal, citibank etc. But they are actually scams that entice us to provide sensitive financial information. Here are some tips to keep us safe... DON'T GET HOOKED There are a lot of esoteric variations on phishing schemes, and new flavors are emerging all the time. But here are some tips for basic safety: Don't respond to e-mails asking for personal or financial information -- passwords, account numbers, Social Security numbers, and the like. Don't click on links in emails from financial institutions and other organizations that have your personal information, and don't paste those links into your browser. Weaknesses in the technical underpinnings of the Internet can let phishers redirect you to fake sites, and just visiting suspect sites could subject you to attempts to put malicious programs -- called "crimeware" -- on your PC. Don't taunt phishers by following their links and giving them false information -- a visit to a fake site can trigger a "drive-by download" of crimeware. Don't download or open files attached to emails purporting to be from financial institutions, eBay, Paypal, and the like. Don't trust phone numbers in emails. These can be faked, too. Basically, if email from a financial institution or organization that has your personal information does anything other than inform, don't trust it. We hate to say that, because such email communications are supposed to make life easier. But until basic flaws with email and the Web are fixed, it's not worth the risk. Enough don'ts. What should you do? If you think a communication requiring you to take action might be legitimate, type in the organization's Web address yourself from a new browser or call. Again, don't copy the Web address from the email or trust a phone number supplied by it. Send emails you think might be phishing to email@example.com and to the organization mentioned in the phishing email. Most organizations also offer an email address, such as firstname.lastname@example.org, that you can write to. Make sure your Internet connection is protected by a firewall, your PC is protected by antivirus software, and run antispyware software periodically to check for malicious programs on your machine.